Touch ID Security Concerns

Over the weekend, the Chaos Computer Club announced that it had bypassed Apple’s Touch ID sensor using a photograph of a fingerprint to create a fake fingerprint model.

While Starbug suggests that the hack is “very easy” and can be completed with “inexpensive office equipment like an image scanner, a laser printer, and a kit for etching PCBs,” Marc Rogers, who also completed the bypass, disagrees, noting that it requires “over a thousand dollars worth of equipment.”

While people have been able to bypass the Touch ID on the iPhone 5s most reports suggest that the process in complicated and requires an unsmudged, complete print of the correct finger and a way to “lift” the print using cyanoacrylate (super glue) fumes, fingerprint powder, and fingerprint tape. The lifted fingerprint must then be photographed, edited, and printed onto transparency film, where it is converted to a usable fingerprint via a PCB board or a laser printer.

 

 

 

Even if someone can complete the above process, using the fake fingerprint is “tricky” and prone to failure.

Although the process is possible the requirements to emulate means that it is not a high risk threat for the average user.